<%@ page language="java" contentType="text/html; charset=US-ASCII"
    pageEncoding="US-ASCII"%>
<%@ page import="java.sql.*" %>
<%@ page import="ca.radiologydb.util.Template" %>
<%@ page import="ca.radiologydb.util.ConnectionManager" %>


<%

// Print the template open
Template template = new Template(this.getServletContext().getRealPath("/").toString());
out.println(template.getTemplateTop());

// Check Permissions
if (session.getAttribute("username") == null
		|| session.getAttribute("usertype") == null) {
	out.println("Cannot display results as you're not logged in, or do not have the proper permissions.");
	out.println("<a href='login.jsp'>Login</a>");
	
	//This page is only accessible to administrators
} else if (!session.getAttribute("usertype").equals("a")) {
	out.println("Cannot display results as you're not logged in, or do not have the proper permissions.");
	out.println("<a href='login.jsp'>Login</a>");

	//Show the page if the user is an administrator
} else {
	
	out.println("<h3>User Management</h3>");
	
	out.println("<a href=new_user.jsp>Create New User</a>");
	
	// Open connection to database
	ConnectionManager manager = new ConnectionManager();
	Connection conn = manager.getConnection();
	
	//select the user table from the underlying db and validate the user name and password
	Statement stmt = null;
	ResultSet rset = null;
	
	//SELECT UNIQUE u.user_name, p.first_name, p.last_name, u.date_registered, u.class 
	//FROM users u, persons p 
	//WHERE u.user_name = p.user_name
	
	String sql = "SELECT UNIQUE u.user_name, p.first_name, p.last_name, u.date_registered, u.class ";
	sql += "FROM users u, persons p ";
	sql += "WHERE u.user_name = p.user_name";
	
	out.println("<br><br>");
	
	try {
		// Query the database
		stmt = conn.createStatement();
		rset = stmt.executeQuery(sql);
	}
	catch (Exception ex) {
		out.println("<hr>" + ex.getMessage() + "<hr>");
	}
	
	

	// Print out the list of all users
	out.println("<table id='users'>\n");
	out.println("	<tr><th>User Name</th><th>User Class</th><th>Full Name</th><th>Date Registered</th><th>Edit</th></tr>\n");
	while(rset != null && rset.next()) {
		out.println("	<tr>\n");
		out.println("		<td>"+rset.getString("user_name")+"</td>");
		out.println("<td>"+rset.getString("class")+"</td>");
		out.println("<td>"+rset.getString("first_name")+" "+rset.getString("last_name")+"</td>");
		out.println("<td>"+rset.getString("date_registered")+"</td>");
		out.println("<td><a href='edit_user.jsp?u="+rset.getString("user_name")+"'>Edit User</a></td>\n");
		out.println("	</tr>\n");
	}
	out.println("</table>");
	
	//Close connections
	stmt.close();
	manager.closeConnection();
}
	
	out.println(template.getTemplateBottom());

%>

	
	
	
	
	



























